FCC Issues Final Rule on Caller ID Authentication

Some exemptions for voice service providers took effect Nov. 17, while other components of the rule will start Dec. 17.

– The final rule is part of requirements in the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act.

– Caller ID authentication is designed to stop caller ID spoofing and illegal robocalls. ACA has advocated on behalf of the industry to ensure legitimate calls are not impacted by these mitigation efforts.

The Federal Communications Commission on Tuesday adopted a final rule implementing the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act requirements on caller ID authentication technology.

Several components in the rule take effect Dec. 17, while others were delayed indefinitely. Certain exemptions from caller ID authentication for voice service providers took effect Nov. 17, according to the rule published in the Federal Register  on that date.

As a refresher, the FCC’s caller ID authentication framework  is designed to stop illegal caller ID spoofing and robocalls. Caller ID authentication is often referred to as STIR/SHAKEN, a “framework of interconnected standards” that allows carriers to sign or label calls as legitimate and that they are in fact from the number displayed on the caller ID before reaching consumers, according to the FCC

Under the TRACED Act, voice service providers are required to fully implement the STIR/SHAKEN caller ID authentication by June 30, 2021.

According to the final rule, the component that takes effect Nov. 17 focuses on how a voice service provider may seek a voluntary exemption from the June 2021 caller ID authentication deadline by certifying on or before Dec. 1, 2020, that it has already made substantial progress toward adoption.

The final rule states that to obtain exemption, voice service providers must, by Dec. 1:

• Adopt the STIR/SHAKEN authentication framework for calls on the Internet Protocol networks of the voice service provider, by completing the network preparations necessary to deploy the STIR/SHAKEN protocols on its network, including but not limited to participation in test beds and lab testing, or completion of commensurate network adjustments to enable the authentication and validation of calls on its network consistent with the STIR/SHAKEN framework;
• Agree voluntarily to participate with other voice service providers in the STIR/SHAKEN authentication framework;
• Begin to implement the STIR/SHAKEN authentication framework by completing the necessary network upgrades to at least one network element—e.g., a single switch or session border controller—to enable the authentication and verification of caller identification information consistent with the STIR/SHAKEN standards; and
• Be capable of fully implementing the STIR/SHAKEN authentication framework not later than June 30, 2021, which it may only determine if it reasonably foresees that it will have completed all necessary network upgrades to its network infrastructure to enable the authentication and verification of caller identification information for all Session Initiation Protocol (SIP) calls exchanged with STIR/SHAKEN-enabled partners by June 30, 2021.

The FCC adopted the new rule on implementation of STIR/SHAKEN in September, ACA International previously reported. The rule approved by the FCC Sept. 29 is part of a second report and order titled “Promoting Caller ID Authentication to Combat Spoofed Robocalls .

The report and order are part of the FCC’s work to implement the TRACED Act and promote the deployment of caller ID authentication technology to combat spoofed robocalls.

ACA is reviewing the rule and will provide an update on the components that take effect in December.